From the GPLv3 itself:
"If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information."
The definition of "Installation Information" includes "authorization keys" required to "install
and execute modified versions of a covered work in that User Product". Note, however, the following exception:
"But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM)."
So manufacturers have two obvious options here, excepting "don't use GPLv3 software ever":
- Install firmware in ROM, or some other non-rewritable medium. Updating firmware becomes difficult, but there are still some classes of embedded device which already lack support for this.
- Don't include any GPLv3 software inside signed blobs, where such blobs are on rewritable media. If the DRM or other security-sensitive software they're using (including the libraries it consumes) is either proprietary, or under licences which lack this clause, then they can still sign those bits. Just don't sign the whole system image, if the system as a whole contains software under the GPLv3. In an Internet-enabled DVR, for example, that might leave me able to replace the integrated web browser with one of my choice, whilst still not touching the video decoding parts.
A Linux kernel licensed under the GPLv3 wouldn't automatically become unable to run proprietary software, because - kernel modules aside - you don't actually link to it. Such a prohibition would certainly be against the spirit in that instance, anyway.
The fourth option is to design better DRM ("better" in the sense of "less susceptible to circumvention"), for example mandating that it be implemented in hardware rather than software. This doesn't make it impossible, but then again it isn't impossible at the moment, as has been repeatedly demonstrated.